VulDB Recent Entries

A vulnerability was found in Linux Kernel up to 6.12.24/6.14.3/6.15-rc2. It has been declared as problematic. This vulnerability affects the function num_relocations of the component riscv. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2025-37975. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.14.6/6.15-rc5. It has been rated as critical. This issue affects the function opt3001_irq. The manipulation leads to deadlock. The identification of this vulnerability is CVE-2025-37968. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.25/6.14.4/6.15-rc3. It has been classified as problematic. This affects an unknown part of the component usb. The manipulation leads to state issue. This vulnerability is uniquely identified as CVE-2025-37986. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.14.2 and classified as critical. Affected by this vulnerability is the function ath12k_dp_mon_srng_process of the component wifi. The manipulation leads to denial of service. This vulnerability is known as CVE-2025-37976. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.14.6/6.15-rc5 and classified as critical. Affected by this issue is some unknown functionality of the component riscv. The manipulation leads to denial of service. This vulnerability is handled as CVE-2025-37966. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.12.28/6.14.6/6.15-rc5. Affected is the function v4l2_dev of the component bcm2835-camera. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2025-37971. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.15-rc4. This issue affects some unknown processing of the file fpe.c of the component parisc. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2025-37991. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to d1347977661342cb09a304a17701eb2d4aa21dec. This vulnerability affects the function should_flush_tlb. The manipulation leads to privilege escalation. This vulnerability was named CVE-2025-37964. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to a41cd52f00907a040ca22c73d4805bb79b0d0972. This affects the function parse_lease_state of the component ksmbd. The manipulation leads to memory leak. This vulnerability is uniquely identified as CVE-2025-37962. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.90/6.12.28/6.14.6/6.15-rc5. It has been rated as problematic. Affected by this issue is the function d_alloc of the component ksmbd. The manipulation leads to privilege escalation. This vulnerability is handled as CVE-2025-37956. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.138/6.6.90/6.12.28/6.14.6/6.15-rc6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component arm64. The manipulation leads to privilege escalation. This vulnerability is known as CVE-2025-37963. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel. It has been classified as critical. Affected is an unknown function of the file arch/x86/kvm/x86.c of the component KVM. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-37957. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.28/6.14.6/6.15-rc5 and classified as problematic. This issue affects the function memblock_double_array. The manipulation leads to allocation of resources. The identification of this vulnerability is CVE-2025-37960. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.138/6.6.90/6.12.28/6.14.6/6.15-rc5 and classified as critical. This vulnerability affects the function bpf_redirect_peer. The manipulation leads to privilege escalation. This vulnerability was named CVE-2025-37959. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.12.28/6.14.6/6.15-rc5. This affects the function huge_memory. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2025-37958. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel. Affected by this issue is the function do_output_route4 of the component ipvs. The manipulation leads to denial of service. This vulnerability is handled as CVE-2025-37961. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.6.90/6.12.28/6.14.6/6.15-rc5. Affected by this vulnerability is the function open_cached_dir of the component smb. The manipulation leads to allocation of resources. This vulnerability is known as CVE-2025-37954. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.15-rc5. Affected is the function htb_deactivate of the component sch_htb. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2025-37953. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.138/6.6.90/6.12.28/6.14.6/6.15-rc5. It has been declared as problematic. This vulnerability affects the function ksmbd_vfs_stream_write. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2025-37947. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.138/6.6.90/6.12.28/6.14.6/6.15-rc5. It has been rated as critical. This issue affects the function timedout_job. The manipulation leads to memory leak. The identification of this vulnerability is CVE-2025-37951. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.